ELI5: How can intelligence agencies intercept traffic if it's encrypted


Hi,
I was reading [this](https://www.businessinsider.com/passenger-faces-120k-fines-after-fighter-jets-scrambled-for-bomb-joke-2024-1?amp) article, in which some kid made a joke about bombing the plane to his friend/s over Snapchat just before boarding. The message was intercepted by the intelligence agencies and some response military planes were sent to intercept the plane.
So the assumption is that airport network traffic is heavily sniffed and analysed by local intelligence agencies, but based on the following facts:
– Snapchat is end to end encrypted
– traffic goes over HTTPS
– he sent the message to his friend/s who clearly didn’t report him for a prank

How was the intelligence agency able to figure out the content of the message?


8 Answers

Anonymous

Some quick googling says to me that Snapchat’s encryption implementation sucks. They do E2E encryption for the pictures, but not for the text. This means the intermediary snapchat servers can inspect the text, and thus the authorities too.

There’s also apparently a problem where Snapchat doesn’t check for a chain of trust on the Certificate used by the central server, which means someone can spoof it and act as a central server like a Man in the Middle attack.

There’s also the possibility that there was something on either phone that was looking at the content. E2E encryption doesn’t protect from mishandling data at the ends.

And if you want to get conspiratorial, there are some theories that the NSA has a backdoor into the Elliptic Curve ciphers that are in use in cryptography, because the NSA provided the specific elliptic curve that is used in cryptography libraries. [Here](https://www.youtube.com/watch?v=NF1pwjL9-DE)’s some more about EC.
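The chain-of-trust point in the answer above, as an added example that is not part of the original post and says nothing about Snapchat's actual code: it uses Python's `ssl` module as a stand-in for any TLS client and reports which client settings would let a spoofed server through. The function and finding names are hypothetical.

```python
import ssl

# Hypothetical finding codes for this example, with what each one means.
FINDINGS = {
    "NO_CHAIN_VERIFICATION": "server certificate is not validated against trusted CAs",
    "NO_HOSTNAME_CHECK": "certificate is not matched against the host being contacted",
}

def audit_client_context(ctx):
    """Return finding codes for settings that let a spoofed server pass as genuine."""
    found = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        found.append("NO_CHAIN_VERIFICATION")
    if not ctx.check_hostname:
        found.append("NO_HOSTNAME_CHECK")
    return found

def hardened_context():
    # Library defaults: the chain is verified against the system trust store
    # and the certificate must name the host the client asked for.
    return ssl.create_default_context()

def unverified_context():
    # The weak pattern: still encrypted, but the client has no idea who is
    # on the other end. check_hostname must be cleared before CERT_NONE.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx

def chain_only_context():
    # Subtler gap: the chain is verified, but a valid certificate issued
    # for any other domain is accepted as if it were the intended server.
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    return ctx

if __name__ == "__main__":
    for name, build in [("hardened", hardened_context),
                        ("unverified", unverified_context),
                        ("chain only", chain_only_context)]:
        codes = audit_client_context(build())
        print(name + ":", "ok" if not codes else "")
        for code in codes:
            print("  -", code + ":", FINDINGS[code])
```
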
